Jump to content

Martin Ba

  • Content Count

  • Joined

  • Last visited

Everything posted by Martin Ba

  1. I am writing this mainly in the hopes it may be useful info/warning for others. (after all these forums seem to be Google indexed). Also questions at the end. I was looking into Windows Controlled Folder Access on my Windows 10 Home laptop, and found a thread https://forum.eset.com/topic/13514-controlled-access-folders-with-defender-in-1709/ that mentioned that there are HIPS rules/filters "ask" where I can protect access to certain folders. Well. I tried. I created a rule "for all apps" with "file operations" and at the end specified a specific folder containing some PDFs. It seems I did something wrong: ESET started blocking *every* file access by *every* program on the system, essentially making the system unusable, and essentially making me unable to revert the changes, as even the ESET Gui wasn't reacting properly anymore. I could continue to click some operations, but was unable to make any changes persist in ESET, and after a while the system would basically hang in a "Please wait ..." windows screen. After fiddling around, I managed to get into a recovery console of Win10 (*a) and was able to rename the ESET program folder from "ESET" to "ESET_disabled" thereby preventing the ESET service from starting on next reboot. I took a quick peek into the registry to see if the options would be changeable there, but no luck so far. Too much, too cryptic in regedit. Anyways, I will now try to remove ESET and probably reinstall it, keeping my fingers away from these stupid HIPS rules. A few questions though: * Is there any supported way to change ESET settings via registry keys (or maybe via the command line) while the ESET service is stopped? * Something like having the ESET service start fully disabled next time it's started, so that it cannot interfere and I can revert messed up settings. Fun. Fun. Fun. :-( (*a): The Windows Login Screen isn't affected by the ask rules, so I was able to reboot, press SHIFT+reboot there and go into the recovery console and rename the folder from the command line there.
  2. @itman - well yeah, I was a bit careless. I will note a few things however: * I DID specify an "ask" rule, but in such a catch all scenario it really stops mattering. * I wanted to experiment with a non-critical folder - in fact the setting only contained such a non-critical folder -- or so it seemed to me at the time of creation. If I had been more cautions and restricted the affected applications to, say, Firefox, then maybe I would have noticed in a non-fatal way that something didn't work with the directories I specified.